Your distribution may already have the Intel QAT drivers, but it is likely they do not contain the necessary user space components. These instructions guide the user on how to download the kernel sources, compile kernel driver modules against those sources, and load them onto the host.
Introduction
Intel QuickAssist Technology (Intel QAT) is developed by Intel and runs on Intel® architecture providing security and compression acceleration capabilities to improve performance and efficiency. It offloads workloads from the CPU to hardware. Server, networking, big data, and storage applications use Intel QAT to offload compute-intensive operations, such as:
- Symmetric cryptography functions, including cipher operations and authentication operations.
- Public key functions, including RSA, Diffie-Hellman, and elliptic curve cryptography.
- Compression and decompression functions, including DEFLATE.
Intel QAT has improved the function of in many areas, such as Hadoop* acceleration, OpenSSL integration, SDN and NFV Solutions Boost and so on. On a more detailed level, we can get the benefits from the following aspects:
- 4G LTE and 5G encryption algorithm offload for mobile gateways and infrastructure.
- VPN traffic acceleration, with up to 50 Gbps crypto throughput and support for IPsec and SSL acceleration.
- Compression/decompression, with up to 24 Gbps throughput.
- I/O virtualization using PCI-SIG Single-Root I/O Virtualization (SR-IOV).
Requirements
Hardware
- Intel QAT device on your machine with the following forms:
- Chipset: Intel® C6xx series chipset
- PCIE: Intel® QuickAssist Adapter 89xx
- SoC: Intel Atom® C3000 processor series (Denverton NS) / Rangeley
- Ensure SR-IOV and VT-d are enabled in BIOS
Software
-
Enable IOMMU and reboot
Enable IOMMU support by setting the correct kernel parameter depending on the type of CPU in use:
- For Intel CPUs (VT-d) set
intel_iommu=on
- For AMD CPUs (AMD-Vi) set
amd_iommu=on
You should also append the
iommu=pt
parameter. This will prevent Linux from touching devices which cannot be passed through.Edit the file /etc/default/grub and change the
GRUB_CMDLINE_LINUX
vim /etc/default/grub # Change and save ... GRUB_CMDLINE_LINUX="iommu=pt, intel_iommu=on, apparmor=0" ... sudo grub2-mkconfig -o /boot/grub2/grub.cfg sudo reboot # We can check it dmesg | grep -i iommu [ 0.000000] DMAR: IOMMU enabled
- For Intel CPUs (VT-d) set
-
Install needed software package
# For CentOS yum -y groupinstall "Development Tools" yum -y install pciutils yum -y install libudev-devel yum -y install kernel-devel-$(uname -r) yum -y install gcc yum -y install openssl-devel # For Ubuntu apt-get update apt-get install pciutils-dev # For Fedora dnf groupinstall "Development Tools" dnf install gcc-c++ dnf install systemd-devel dnf install kernel-devel-`uname -r` dnf install elfutils-devel dnf install openssl-devel
Quick Start
-
Get the Intel QAT driver from 01.org
mkdir qat_driver cd qat_driver wget https://01.org/sites/default/files/downloads//qat1.7.l.4.12.0-00011.tar.gz tar zxvf qat1.7.l.4.12.0-00011.tar.gz
-
Configure the Intel QAT driver
# You can list the configuration by this command ./configure -h # We need enable the Intel QAT sriov ./configure --enable-icp-sriov=host
-
Build driver and install driver and samples
make make install make samples-install
-
We need load the driver module for VFs and check
lsmod | grep qa qat_c62xvf 16384 0 qat_c62x 20480 0 intel_qat 212992 3 qat_c62x,usdm_drv,qat_c62xvf uio 20480 1 intel_qat modprobe vfio-pci modprobe uio
-
Start QAT service
# Start QAT and QAT VFs service service qat_service restart service qat_service_vfs restart # Check the devices status adf_ctl status
-
Custom configuration
edit /etc/c6xx_dev*.conf for Intel QAT PFs
edit /etc/c6xxvf_dev*.conf for Intel QAT VFs
-
Test the sample code
cd build export LD_LIBRARY_PATH=`pwd` ./cpa_sample_code signOfLife=1
Then you can assign the Intel QAT VFs to your containers or your VMs by PCI-passthrough